Press "Enter" to skip to content

Install and Configure ngx_lua_waf Based on Nginx+Lua ( OpenResty)


Ngx_lua_waf is a web application firewall based on lua-nginx-module.

  • Prevent SQL injection, local inclusion, partial overflow, fuzzing, xss, SSRF and other web attacks
  • Prevent file leaks, such as svn / backup
  • Prevent attacks from stress testing tools such as ApacheBench
  • Block common scanning hacking tools, scanners
  • Block unusual network requests
  • Block image attachment class directory php execute permission
  • Prevent webshell uploads

Windows Free Email Server -MailEnable Installation and Configuration


MailEnable is the software I installed on my lab environment DC server, which has been used to testing other system's email function. It is free, integrated well with AD, Web Login/Web Admin supported, smtp/pop supported. No complaints to this software for its functionality.

Here I posts some configuration tips my own notes. In case I forgot some settings during re-installation.

CyberArk Free Tool Usage – PAS Reporter


The PAS Reporter allows you to conveniently generate reports about your CyberArk PAS implementation. The tool can provide helpful insights and information by analyzing Export Vault Data (EVD) exports, configuration files, and Vault trace files. PAS Reporter Implementation Guide is not clear how to use it step by step. Just to make my life easier in the future, here are steps I used to run this reporter. 

Download and Extract it

Put downloaded file to one of your CyberArk machines which is allowed to connect to Vault

Build Cloud File Download & Manage Center using FileBrowser+Aria2+AriaNg+Rclone+Caddy+Google Drive


This post is regarding how to use wahyd4/aria2-ui's docker image to achieve a downloading and file managing / sharing center. In just one docker image, you can do downloading (Aria2), Web GUI downloading (AriaNG) , File Managing (FileBrowser), supporting multi-type file view, and saving to Google Drive. 


Install Docker:

Install O365 MarketPlace Plug-in and Onboard O365 Account


CyberArk PSM can be used to log in web site using Chrome or IE. I was working on this kind of requirements a lot recently. It usually needs some work to figure out login form's Username, Password, Click or Button's ID then create a new connection component for it.  CyberArk MarketPlace has a Office 365 connection component which can reduce lots of this kind of effort.

This post is to record the process I took to get Office 365 log in through PSM working.